Esempio n. 1
0
<?php

require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Db;
$validFields = ['name', 'description'];
$limit = isset($_GET['lim']) ? NERDZ\Core\Security::limitControl($_GET['lim'], 20) : 20;
$order = isset($_GET['desc']) && $_GET['desc'] == 1 ? 'DESC' : 'ASC';
$q = empty($_GET['q']) ? '' : htmlspecialchars($_GET['q'], ENT_QUOTES, 'UTF-8');
$orderby = isset($_GET['orderby']) ? NERDZ\Core\Security::fieldControl($_GET['orderby'], $validFields, 'name') : 'name';
$vals = [];
$query = empty($q) ? "SELECT name, description,counter\n      FROM groups\n      ORDER BY {$orderby} {$order} LIMIT {$limit}" : ["SELECT name,description, counter\n           FROM groups WHERE CAST({$orderby} AS TEXT) ILIKE ?\n           ORDER BY {$orderby} {$order} LIMIT {$limit}", ["%{$q}%"]];
$vals['list_a'] = [];
if ($r = Db::query($query, Db::FETCH_STMT)) {
    $i = 0;
    while ($o = $r->fetch(PDO::FETCH_OBJ)) {
        $vals['list_a'][$i]['id_n'] = $o->counter;
        $vals['list_a'][$i]['name_n'] = $o->name;
        $vals['list_a'][$i]['description_n'] = $o->description;
        $vals['list_a'][$i]['name4link_n'] = \NERDZ\Core\Utils::projectLink($o->name);
        ++$i;
    }
}
\NERDZ\Core\Security::setNextAndPrevURLs($vals, $limit, ['order' => $order, 'query' => $q, 'field' => empty($_GET['orderby']) ? '' : $_GET['orderby'], 'validFields' => $validFields]);
require_once $_SERVER['DOCUMENT_ROOT'] . '/pages/common/vars.php';
$user->getTPL()->assign($vals);
$user->getTPL()->draw('base/projectslist');
Esempio n. 2
0
<?php

// require_once $prj, $path variables
if (!isset($prj, $path)) {
    die('$prj, $path required');
}
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core;
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
$user = new NERDZ\Core\User();
$messages = new NERDZ\Core\Messages();
$logged = $user->isLogged();
// boards
$id = isset($_POST['id']) && is_numeric($_POST['id']) ? $_POST['id'] : false;
$limit = isset($_POST['limit']) ? NERDZ\Core\Security::limitControl($_POST['limit'], 10) : 10;
$beforeHpid = isset($_POST['hpid']) && is_numeric($_POST['hpid']) ? $_POST['hpid'] : false;
// homepage
if (isset($_POST['onlyfollowed'])) {
    $lang = false;
    $onlyfollowed = true;
} else {
    $lang = isset($_POST['lang']) ? $_POST['lang'] : false;
    $onlyfollowed = false;
}
$vote = isset($_POST['vote']) && is_string($_POST['vote']) ? trim($_POST['vote']) : false;
//search
$specific = isset($_GET['specific']);
$action = isset($_GET['action']) && $_GET['action'] === 'profile' ? 'profile' : 'project';
$search = !empty($_POST['q']) ? trim(htmlspecialchars($_POST['q'], ENT_QUOTES, 'UTF-8')) : false;
//rewrite $path if searching not in home